Move apache specific portions of android.net.http to external/apache-http.

We continue to compile external/apache-http into ext.jar. This contains
a few changes apart fom the classes moving around :

- Makefile changes to build docs and api-stubs for now. A future change
  will revert these changes and remove these classes from stubs and
  docs.
- Hardcode event IDs in legacyerrorstrings to avoid a dependency between
  the frameworks and apache. These strings are on their way out and will
  never change anyway.
- Remove imports due to {@link} tags and use {@code} instead.
- Remove an accidental(?) dependency on apache commons code that's a
  part of apache-http.

bug: 18027885

Change-Id: I51cd038d846ec7d02c283a4541b10a6a9cf62ecf

14 files changed, 1920 insertions, 0 deletions

diff --git a/core/java/org/apache/http/conn/ConnectTimeoutException.java b/core/java/org/apache/http/conn/ConnectTimeoutException.java
new file mode 100644
index 000000000000..6cc6922ffd9e
--- /dev/null
+++ b/core/java/org/apache/http/conn/ConnectTimeoutException.java
@@ -0,0 +1,69 @@
+/*
+ * $HeadURL: http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/module-client/src/main/java/org/apache/http/conn/ConnectTimeoutException.java $
+ * $Revision: 617645 $
+ * $Date: 2008-02-01 13:05:31 -0800 (Fri, 01 Feb 2008) $
+ *
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation.  For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.apache.http.conn;
+
+import java.io.InterruptedIOException;
+
+/**
+ * A timeout while connecting to an HTTP server or waiting for an
+ * available connection from an HttpConnectionManager.
+ * 
+ * @author <a href="mailto:laura@lwerner.org">Laura Werner</a>
+ * 
+ * @since 4.0
+ *
+ * @deprecated Please use {@link java.net.URL#openConnection} instead.
+ *     Please visit <a href="http://android-developers.blogspot.com/2011/09/androids-http-clients.html">this webpage</a>
+ *     for further details.
+ */
+@Deprecated
+public class ConnectTimeoutException extends InterruptedIOException {
+
+    private static final long serialVersionUID = -4816682903149535989L;
+
+    /**
+     * Creates a ConnectTimeoutException with a <tt>null</tt> detail message.
+     */
+    public ConnectTimeoutException() {
+        super();
+    }
+
+    /**
+     * Creates a ConnectTimeoutException with the specified detail message.
+     * 
+     * @param message The exception detail message 
+     */
+    public ConnectTimeoutException(final String message) {
+        super(message);
+    }
+
+}
diff --git a/core/java/org/apache/http/conn/scheme/HostNameResolver.java b/core/java/org/apache/http/conn/scheme/HostNameResolver.java
new file mode 100644
index 000000000000..30ef2987cdc0
--- /dev/null
+++ b/core/java/org/apache/http/conn/scheme/HostNameResolver.java
@@ -0,0 +1,47 @@
+/*
+ * $HeadURL:$
+ * $Revision:$
+ * $Date:$
+ *
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation.  For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.apache.http.conn.scheme;
+
+import java.io.IOException;
+import java.net.InetAddress;
+
+/**
+ * @deprecated Please use {@link java.net.URL#openConnection} instead.
+ *     Please visit <a href="http://android-developers.blogspot.com/2011/09/androids-http-clients.html">this webpage</a>
+ *     for further details.
+ */
+@Deprecated
+public interface HostNameResolver {
+
+    InetAddress resolve (String hostname) throws IOException;
+
+}
diff --git a/core/java/org/apache/http/conn/scheme/LayeredSocketFactory.java b/core/java/org/apache/http/conn/scheme/LayeredSocketFactory.java
new file mode 100644
index 000000000000..b9f534895fbe
--- /dev/null
+++ b/core/java/org/apache/http/conn/scheme/LayeredSocketFactory.java
@@ -0,0 +1,77 @@
+/*
+ * $HeadURL: http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/module-client/src/main/java/org/apache/http/conn/scheme/LayeredSocketFactory.java $
+ * $Revision: 645850 $
+ * $Date: 2008-04-08 04:08:52 -0700 (Tue, 08 Apr 2008) $
+ *
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation.  For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.apache.http.conn.scheme;
+
+import java.io.IOException;
+import java.net.Socket;
+import java.net.UnknownHostException;
+
+/**
+ * A {@link SocketFactory SocketFactory} for layered sockets (SSL/TLS).
+ * See there for things to consider when implementing a socket factory.
+ * 
+ * @author Michael Becke
+ * @author <a href="mailto:mbowler@GargoyleSoftware.com">Mike Bowler</a>
+ * @since 4.0
+ *
+ * @deprecated Please use {@link java.net.URL#openConnection} instead.
+ *     Please visit <a href="http://android-developers.blogspot.com/2011/09/androids-http-clients.html">this webpage</a>
+ *     for further details.
+ */
+@Deprecated
+public interface LayeredSocketFactory extends SocketFactory {
+
+    /**
+     * Returns a socket connected to the given host that is layered over an
+     * existing socket.  Used primarily for creating secure sockets through
+     * proxies.
+     * 
+     * @param socket the existing socket 
+     * @param host the host name/IP
+     * @param port the port on the host
+     * @param autoClose a flag for closing the underling socket when the created
+     * socket is closed
+     * 
+     * @return Socket a new socket
+     * 
+     * @throws IOException if an I/O error occurs while creating the socket
+     * @throws UnknownHostException if the IP address of the host cannot be
+     * determined
+     */
+    Socket createSocket(
+        Socket socket, 
+        String host, 
+        int port, 
+        boolean autoClose
+    ) throws IOException, UnknownHostException;              
+
+}
diff --git a/core/java/org/apache/http/conn/scheme/SocketFactory.java b/core/java/org/apache/http/conn/scheme/SocketFactory.java
new file mode 100644
index 000000000000..c6bc03c707aa
--- /dev/null
+++ b/core/java/org/apache/http/conn/scheme/SocketFactory.java
@@ -0,0 +1,143 @@
+/*
+ * $HeadURL: http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/module-client/src/main/java/org/apache/http/conn/scheme/SocketFactory.java $
+ * $Revision: 645850 $
+ * $Date: 2008-04-08 04:08:52 -0700 (Tue, 08 Apr 2008) $
+ *
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation.  For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.apache.http.conn.scheme;
+
+import java.io.IOException;
+import java.net.InetAddress;
+import java.net.Socket;
+import java.net.UnknownHostException;
+
+import org.apache.http.conn.ConnectTimeoutException;
+import org.apache.http.params.HttpParams;
+
+/**
+ * A factory for creating and connecting sockets.
+ * The factory encapsulates the logic for establishing a socket connection.
+ * <br/>
+ * Both {@link java.lang.Object#equals(java.lang.Object) Object.equals()}
+ * and {@link java.lang.Object#hashCode() Object.hashCode()}
+ * must be overridden for the correct operation of some connection managers.
+ * 
+ * @author <a href="mailto:rolandw at apache.org">Roland Weber</a>
+ * @author Michael Becke
+ * @author <a href="mailto:mbowler@GargoyleSoftware.com">Mike Bowler</a>
+ *
+ * @deprecated Please use {@link java.net.URL#openConnection} instead.
+ *     Please visit <a href="http://android-developers.blogspot.com/2011/09/androids-http-clients.html">this webpage</a>
+ *     for further details.
+ */
+@Deprecated
+public interface SocketFactory {
+
+    /**
+     * Creates a new, unconnected socket.
+     * The socket should subsequently be passed to
+     * {@link #connectSocket connectSocket}.
+     *
+     * @return  a new socket
+     * 
+     * @throws IOException if an I/O error occurs while creating the socket
+     */
+    Socket createSocket()
+        throws IOException
+        ;
+
+
+    /**
+     * Connects a socket to the given host.
+     * 
+     * @param sock      the socket to connect, as obtained from
+     *                  {@link #createSocket createSocket}.
+     *                  <code>null</code> indicates that a new socket
+     *                  should be created and connected.
+     * @param host      the host to connect to
+     * @param port      the port to connect to on the host
+     * @param localAddress the local address to bind the socket to, or
+     *                  <code>null</code> for any
+     * @param localPort the port on the local machine,
+     *                  0 or a negative number for any
+     * @param params    additional {@link HttpParams parameters} for connecting
+     * 
+     * @return  the connected socket. The returned object may be different
+     *          from the <code>sock</code> argument if this factory supports
+     *          a layered protocol.
+     * 
+     * @throws IOException if an I/O error occurs
+     * @throws UnknownHostException if the IP address of the target host
+     *          can not be determined
+     * @throws ConnectTimeoutException if the socket cannot be connected
+     *          within the time limit defined in the <code>params</code>
+     */
+    Socket connectSocket(
+        Socket sock,
+        String host, 
+        int port, 
+        InetAddress localAddress, 
+        int localPort,
+        HttpParams params
+    ) throws IOException, UnknownHostException, ConnectTimeoutException;
+
+
+    /**
+     * Checks whether a socket provides a secure connection.
+     * The socket must be {@link #connectSocket connected}
+     * by this factory.
+     * The factory will <i>not</i> perform I/O operations
+     * in this method.
+     * <br/>
+     * As a rule of thumb, plain sockets are not secure and
+     * TLS/SSL sockets are secure. However, there may be
+     * application specific deviations. For example, a plain
+     * socket to a host in the same intranet ("trusted zone")
+     * could be considered secure. On the other hand, a
+     * TLS/SSL socket could be considered insecure based on
+     * the cypher suite chosen for the connection.
+     *
+     * @param sock      the connected socket to check
+     *
+     * @return  <code>true</code> if the connection of the socket
+     *          should be considered secure, or
+     *          <code>false</code> if it should not
+     *
+     * @throws IllegalArgumentException
+     *  if the argument is invalid, for example because it is
+     *  not a connected socket or was created by a different
+     *  socket factory.
+     *  Note that socket factories are <i>not</i> required to
+     *  check these conditions, they may simply return a default
+     *  value when called with an invalid socket argument.
+     */
+    boolean isSecure(Socket sock)
+        throws IllegalArgumentException
+        ;
+
+}
diff --git a/core/java/org/apache/http/conn/ssl/AbstractVerifier.java b/core/java/org/apache/http/conn/ssl/AbstractVerifier.java
new file mode 100644
index 000000000000..e264f1c4de49
--- /dev/null
+++ b/core/java/org/apache/http/conn/ssl/AbstractVerifier.java
@@ -0,0 +1,288 @@
+/*
+ * $HeadURL: http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/module-client/src/main/java/org/apache/http/conn/ssl/AbstractVerifier.java $
+ * $Revision: 653041 $
+ * $Date: 2008-05-03 03:39:28 -0700 (Sat, 03 May 2008) $
+ *
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation.  For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.apache.http.conn.ssl;
+
+import java.util.regex.Pattern;
+
+import java.io.IOException;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateParsingException;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Iterator;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Locale;
+import java.util.logging.Logger;
+import java.util.logging.Level;
+
+import javax.net.ssl.DistinguishedNameParser;
+import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.SSLSocket;
+
+/**
+ * Abstract base class for all standard {@link X509HostnameVerifier} 
+ * implementations.
+ * 
+ * @author Julius Davies
+ *
+ * @deprecated Please use {@link java.net.URL#openConnection} instead.
+ *     Please visit <a href="http://android-developers.blogspot.com/2011/09/androids-http-clients.html">this webpage</a>
+ *     for further details.
+ */
+@Deprecated
+public abstract class AbstractVerifier implements X509HostnameVerifier {
+
+    private static final Pattern IPV4_PATTERN = Pattern.compile(
+            "^(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}$");
+
+    /**
+     * This contains a list of 2nd-level domains that aren't allowed to
+     * have wildcards when combined with country-codes.
+     * For example: [*.co.uk].
+     * <p/>
+     * The [*.co.uk] problem is an interesting one.  Should we just hope
+     * that CA's would never foolishly allow such a certificate to happen?
+     * Looks like we're the only implementation guarding against this.
+     * Firefox, Curl, Sun Java 1.4, 5, 6 don't bother with this check.
+     */
+    private final static String[] BAD_COUNTRY_2LDS =
+          { "ac", "co", "com", "ed", "edu", "go", "gouv", "gov", "info",
+            "lg", "ne", "net", "or", "org" };
+
+    static {
+        // Just in case developer forgot to manually sort the array.  :-)
+        Arrays.sort(BAD_COUNTRY_2LDS);
+    }
+
+    public AbstractVerifier() {
+        super();
+    }
+
+    public final void verify(String host, SSLSocket ssl)
+          throws IOException {
+        if(host == null) {
+            throw new NullPointerException("host to verify is null");
+        }
+
+        SSLSession session = ssl.getSession();
+        Certificate[] certs = session.getPeerCertificates();
+        X509Certificate x509 = (X509Certificate) certs[0];
+        verify(host, x509);
+    }
+
+    public final boolean verify(String host, SSLSession session) {
+        try {
+            Certificate[] certs = session.getPeerCertificates();
+            X509Certificate x509 = (X509Certificate) certs[0];
+            verify(host, x509);
+            return true;
+        }
+        catch(SSLException e) {
+            return false;
+        }
+    }
+
+    public final void verify(String host, X509Certificate cert)
+          throws SSLException {
+        String[] cns = getCNs(cert);
+        String[] subjectAlts = getDNSSubjectAlts(cert);
+        verify(host, cns, subjectAlts);
+    }
+
+    public final void verify(final String host, final String[] cns,
+                             final String[] subjectAlts,
+                             final boolean strictWithSubDomains)
+          throws SSLException {
+
+        // Build the list of names we're going to check.  Our DEFAULT and
+        // STRICT implementations of the HostnameVerifier only use the
+        // first CN provided.  All other CNs are ignored.
+        // (Firefox, wget, curl, Sun Java 1.4, 5, 6 all work this way).
+        LinkedList<String> names = new LinkedList<String>();
+        if(cns != null && cns.length > 0 && cns[0] != null) {
+            names.add(cns[0]);
+        }
+        if(subjectAlts != null) {
+            for (String subjectAlt : subjectAlts) {
+                if (subjectAlt != null) {
+                    names.add(subjectAlt);
+                }
+            }
+        }
+
+        if(names.isEmpty()) {
+            String msg = "Certificate for <" + host + "> doesn't contain CN or DNS subjectAlt";
+            throw new SSLException(msg);
+        }
+
+        // StringBuffer for building the error message.
+        StringBuffer buf = new StringBuffer();
+
+        // We're can be case-insensitive when comparing the host we used to
+        // establish the socket to the hostname in the certificate.
+        String hostName = host.trim().toLowerCase(Locale.ENGLISH);
+        boolean match = false;
+        for(Iterator<String> it = names.iterator(); it.hasNext();) {
+            // Don't trim the CN, though!
+            String cn = it.next();
+            cn = cn.toLowerCase(Locale.ENGLISH);
+            // Store CN in StringBuffer in case we need to report an error.
+            buf.append(" <");
+            buf.append(cn);
+            buf.append('>');
+            if(it.hasNext()) {
+                buf.append(" OR");
+            }
+
+            // The CN better have at least two dots if it wants wildcard
+            // action.  It also can't be [*.co.uk] or [*.co.jp] or
+            // [*.org.uk], etc...
+            boolean doWildcard = cn.startsWith("*.") &&
+                                 cn.indexOf('.', 2) != -1 &&
+                                 acceptableCountryWildcard(cn) &&
+                                 !isIPv4Address(host);
+
+            if(doWildcard) {
+                match = hostName.endsWith(cn.substring(1));
+                if(match && strictWithSubDomains) {
+                    // If we're in strict mode, then [*.foo.com] is not
+                    // allowed to match [a.b.foo.com]
+                    match = countDots(hostName) == countDots(cn);
+                }
+            } else {
+                match = hostName.equals(cn);
+            }
+            if(match) {
+                break;
+            }
+        }
+        if(!match) {
+            throw new SSLException("hostname in certificate didn't match: <" + host + "> !=" + buf);
+        }
+    }
+
+    public static boolean acceptableCountryWildcard(String cn) {
+        int cnLen = cn.length();
+        if(cnLen >= 7 && cnLen <= 9) {
+            // Look for the '.' in the 3rd-last position:
+            if(cn.charAt(cnLen - 3) == '.') {
+                // Trim off the [*.] and the [.XX].
+                String s = cn.substring(2, cnLen - 3);
+                // And test against the sorted array of bad 2lds:
+                int x = Arrays.binarySearch(BAD_COUNTRY_2LDS, s);
+                return x < 0;
+            }
+        }
+        return true;
+    }
+
+    public static String[] getCNs(X509Certificate cert) {
+        DistinguishedNameParser dnParser =
+                new DistinguishedNameParser(cert.getSubjectX500Principal());
+        List<String> cnList = dnParser.getAllMostSpecificFirst("cn");
+
+        if(!cnList.isEmpty()) {
+            String[] cns = new String[cnList.size()];
+            cnList.toArray(cns);
+            return cns;
+        } else {
+            return null;
+        }
+    }
+
+
+    /**
+     * Extracts the array of SubjectAlt DNS names from an X509Certificate.
+     * Returns null if there aren't any.
+     * <p/>
+     * Note:  Java doesn't appear able to extract international characters
+     * from the SubjectAlts.  It can only extract international characters
+     * from the CN field.
+     * <p/>
+     * (Or maybe the version of OpenSSL I'm using to test isn't storing the
+     * international characters correctly in the SubjectAlts?).
+     *
+     * @param cert X509Certificate
+     * @return Array of SubjectALT DNS names stored in the certificate.
+     */
+    public static String[] getDNSSubjectAlts(X509Certificate cert) {
+        LinkedList<String> subjectAltList = new LinkedList<String>();
+        Collection<List<?>> c = null;
+        try {
+            c = cert.getSubjectAlternativeNames();
+        }
+        catch(CertificateParsingException cpe) {
+            Logger.getLogger(AbstractVerifier.class.getName())
+                    .log(Level.FINE, "Error parsing certificate.", cpe);
+        }
+        if(c != null) {
+            for (List<?> aC : c) {
+                List<?> list = aC;
+                int type = ((Integer) list.get(0)).intValue();
+                // If type is 2, then we've got a dNSName
+                if (type == 2) {
+                    String s = (String) list.get(1);
+                    subjectAltList.add(s);
+                }
+            }
+        }
+        if(!subjectAltList.isEmpty()) {
+            String[] subjectAlts = new String[subjectAltList.size()];
+            subjectAltList.toArray(subjectAlts);
+            return subjectAlts;
+        } else {
+            return null;
+        }
+    }
+
+    /**
+     * Counts the number of dots "." in a string.
+     * @param s  string to count dots from
+     * @return  number of dots
+     */
+    public static int countDots(final String s) {
+        int count = 0;
+        for(int i = 0; i < s.length(); i++) {
+            if(s.charAt(i) == '.') {
+                count++;
+            }
+        }
+        return count;
+    }
+
+    private static boolean isIPv4Address(final String input) {
+        return IPV4_PATTERN.matcher(input).matches();
+    }
+}
diff --git a/core/java/org/apache/http/conn/ssl/AllowAllHostnameVerifier.java b/core/java/org/apache/http/conn/ssl/AllowAllHostnameVerifier.java
new file mode 100644
index 000000000000..c2bf4c4f8f1a
--- /dev/null
+++ b/core/java/org/apache/http/conn/ssl/AllowAllHostnameVerifier.java
@@ -0,0 +1,59 @@
+/*
+ * $HeadURL: http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/module-client/src/main/java/org/apache/http/conn/ssl/AllowAllHostnameVerifier.java $
+ * $Revision: 617642 $
+ * $Date: 2008-02-01 12:54:07 -0800 (Fri, 01 Feb 2008) $
+ *
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation.  For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.apache.http.conn.ssl;
+
+/**
+ * The ALLOW_ALL HostnameVerifier essentially turns hostname verification
+ * off. This implementation is a no-op, and never throws the SSLException.
+ * 
+ * @author Julius Davies
+ *
+ * @deprecated Please use {@link java.net.URL#openConnection} instead.
+ *     Please visit <a href="http://android-developers.blogspot.com/2011/09/androids-http-clients.html">this webpage</a>
+ *     for further details.
+ */
+@Deprecated
+public class AllowAllHostnameVerifier extends AbstractVerifier {
+
+    public final void verify(
+            final String host, 
+            final String[] cns,
+            final String[] subjectAlts) {
+        // Allow everything - so never blowup.
+    }
+
+    @Override
+    public final String toString() { 
+        return "ALLOW_ALL"; 
+    }
+    
+}
diff --git a/core/java/org/apache/http/conn/ssl/BrowserCompatHostnameVerifier.java b/core/java/org/apache/http/conn/ssl/BrowserCompatHostnameVerifier.java
new file mode 100644
index 000000000000..48a7bf9d82bf
--- /dev/null
+++ b/core/java/org/apache/http/conn/ssl/BrowserCompatHostnameVerifier.java
@@ -0,0 +1,67 @@
+/*
+ * $HeadURL: http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/module-client/src/main/java/org/apache/http/conn/ssl/BrowserCompatHostnameVerifier.java $
+ * $Revision: 617642 $
+ * $Date: 2008-02-01 12:54:07 -0800 (Fri, 01 Feb 2008) $
+ *
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation.  For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.apache.http.conn.ssl;
+
+import javax.net.ssl.SSLException;
+
+/**
+ * The HostnameVerifier that works the same way as Curl and Firefox.
+ * <p/>
+ * The hostname must match either the first CN, or any of the subject-alts.
+ * A wildcard can occur in the CN, and in any of the subject-alts.
+ * <p/>
+ * The only difference between BROWSER_COMPATIBLE and STRICT is that a wildcard 
+ * (such as "*.foo.com") with BROWSER_COMPATIBLE matches all subdomains, 
+ * including "a.b.foo.com".
+ * 
+ * @author Julius Davies
+ *
+ * @deprecated Please use {@link java.net.URL#openConnection} instead.
+ *     Please visit <a href="http://android-developers.blogspot.com/2011/09/androids-http-clients.html">this webpage</a>
+ *     for further details.
+ */
+@Deprecated
+public class BrowserCompatHostnameVerifier extends AbstractVerifier {
+
+    public final void verify(
+            final String host, 
+            final String[] cns,
+            final String[] subjectAlts) throws SSLException {
+        verify(host, cns, subjectAlts, false);
+    }
+
+    @Override
+    public final String toString() { 
+        return "BROWSER_COMPATIBLE"; 
+    }
+    
+}
diff --git a/core/java/org/apache/http/conn/ssl/SSLSocketFactory.java b/core/java/org/apache/http/conn/ssl/SSLSocketFactory.java
new file mode 100644
index 000000000000..4d53d4050bdd
--- /dev/null
+++ b/core/java/org/apache/http/conn/ssl/SSLSocketFactory.java
@@ -0,0 +1,408 @@
+/*
+ * $HeadURL: http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/module-client/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java $
+ * $Revision: 659194 $
+ * $Date: 2008-05-22 11:33:47 -0700 (Thu, 22 May 2008) $
+ *
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation.  For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.apache.http.conn.ssl;
+
+import org.apache.http.conn.scheme.HostNameResolver;
+import org.apache.http.conn.scheme.LayeredSocketFactory;
+import org.apache.http.params.HttpConnectionParams;
+import org.apache.http.params.HttpParams;
+
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSocket;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+import java.io.IOException;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.Socket;
+import java.net.UnknownHostException;
+import java.security.KeyManagementException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.UnrecoverableKeyException;
+
+/**
+ * Layered socket factory for TLS/SSL connections, based on JSSE.
+ *.
+ * <p>
+ * SSLSocketFactory can be used to validate the identity of the HTTPS 
+ * server against a list of trusted certificates and to authenticate to
+ * the HTTPS server using a private key. 
+ * </p>
+ * 
+ * <p>
+ * SSLSocketFactory will enable server authentication when supplied with
+ * a {@link KeyStore truststore} file containg one or several trusted
+ * certificates. The client secure socket will reject the connection during
+ * the SSL session handshake if the target HTTPS server attempts to
+ * authenticate itself with a non-trusted certificate.
+ * </p>
+ * 
+ * <p>
+ * Use JDK keytool utility to import a trusted certificate and generate a truststore file:    
+ *    <pre>
+ *     keytool -import -alias "my server cert" -file server.crt -keystore my.truststore
+ *    </pre>
+ * </p>
+ * 
+ * <p>
+ * SSLSocketFactory will enable client authentication when supplied with
+ * a {@link KeyStore keystore} file containg a private key/public certificate
+ * pair. The client secure socket will use the private key to authenticate
+ * itself to the target HTTPS server during the SSL session handshake if
+ * requested to do so by the server.
+ * The target HTTPS server will in its turn verify the certificate presented
+ * by the client in order to establish client's authenticity
+ * </p>
+ * 
+ * <p>
+ * Use the following sequence of actions to generate a keystore file
+ * </p>
+ *   <ul>
+ *     <li>
+ *      <p>
+ *      Use JDK keytool utility to generate a new key
+ *      <pre>keytool -genkey -v -alias "my client key" -validity 365 -keystore my.keystore</pre>
+ *      For simplicity use the same password for the key as that of the keystore
+ *      </p>
+ *     </li>
+ *     <li>
+ *      <p>
+ *      Issue a certificate signing request (CSR)
+ *      <pre>keytool -certreq -alias "my client key" -file mycertreq.csr -keystore my.keystore</pre>
+ *     </p>
+ *     </li>
+ *     <li>
+ *      <p>
+ *      Send the certificate request to the trusted Certificate Authority for signature. 
+ *      One may choose to act as her own CA and sign the certificate request using a PKI 
+ *      tool, such as OpenSSL.
+ *      </p>
+ *     </li>
+ *     <li>
+ *      <p>
+ *       Import the trusted CA root certificate
+ *       <pre>keytool -import -alias "my trusted ca" -file caroot.crt -keystore my.keystore</pre> 
+ *      </p>
+ *     </li>
+ *     <li>
+ *      <p>
+ *       Import the PKCS#7 file containg the complete certificate chain
+ *       <pre>keytool -import -alias "my client key" -file mycert.p7 -keystore my.keystore</pre> 
+ *      </p>
+ *     </li>
+ *     <li>
+ *      <p>
+ *       Verify the content the resultant keystore file
+ *       <pre>keytool -list -v -keystore my.keystore</pre> 
+ *      </p>
+ *     </li>
+ *   </ul>
+ * @author <a href="mailto:oleg at ural.ru">Oleg Kalnichevski</a>
+ * @author Julius Davies
+ *
+ * @deprecated Please use {@link java.net.URL#openConnection} instead.
+ *     Please visit <a href="http://android-developers.blogspot.com/2011/09/androids-http-clients.html">this webpage</a>
+ *     for further details.
+ */
+@Deprecated
+public class SSLSocketFactory implements LayeredSocketFactory {
+
+    public static final String TLS   = "TLS";
+    public static final String SSL   = "SSL";
+    public static final String SSLV2 = "SSLv2";
+    
+    public static final X509HostnameVerifier ALLOW_ALL_HOSTNAME_VERIFIER 
+        = new AllowAllHostnameVerifier();
+    
+    public static final X509HostnameVerifier BROWSER_COMPATIBLE_HOSTNAME_VERIFIER 
+        = new BrowserCompatHostnameVerifier();
+    
+    public static final X509HostnameVerifier STRICT_HOSTNAME_VERIFIER 
+        = new StrictHostnameVerifier();
+
+    /*
+     * Put defaults into holder class to avoid class preloading creating an
+     * instance of the classes referenced.
+     */
+    private static class NoPreloadHolder {
+        /**
+         * The factory using the default JVM settings for secure connections.
+         */
+        private static final SSLSocketFactory DEFAULT_FACTORY = new SSLSocketFactory();
+    }
+
+    /**
+     * Gets an singleton instance of the SSLProtocolSocketFactory.
+     * @return a SSLProtocolSocketFactory
+     */
+    public static SSLSocketFactory getSocketFactory() {
+        return NoPreloadHolder.DEFAULT_FACTORY;
+    }
+
+    private final SSLContext sslcontext;
+    private final javax.net.ssl.SSLSocketFactory socketfactory;
+    private final HostNameResolver nameResolver;
+    private X509HostnameVerifier hostnameVerifier = BROWSER_COMPATIBLE_HOSTNAME_VERIFIER;
+
+    public SSLSocketFactory(
+        String algorithm, 
+        final KeyStore keystore, 
+        final String keystorePassword, 
+        final KeyStore truststore,
+        final SecureRandom random,
+        final HostNameResolver nameResolver) 
+        throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
+    {
+        super();
+        if (algorithm == null) {
+            algorithm = TLS;
+        }
+        KeyManager[] keymanagers = null;
+        if (keystore != null) {
+            keymanagers = createKeyManagers(keystore, keystorePassword);
+        }
+        TrustManager[] trustmanagers = null;
+        if (truststore != null) {
+            trustmanagers = createTrustManagers(truststore);
+        }
+        this.sslcontext = SSLContext.getInstance(algorithm);
+        this.sslcontext.init(keymanagers, trustmanagers, random);
+        this.socketfactory = this.sslcontext.getSocketFactory();
+        this.nameResolver = nameResolver;
+    }
+
+    public SSLSocketFactory(
+            final KeyStore keystore, 
+            final String keystorePassword, 
+            final KeyStore truststore) 
+            throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
+    {
+        this(TLS, keystore, keystorePassword, truststore, null, null);
+    }
+
+    public SSLSocketFactory(final KeyStore keystore, final String keystorePassword) 
+            throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
+    {
+        this(TLS, keystore, keystorePassword, null, null, null);
+    }
+
+    public SSLSocketFactory(final KeyStore truststore) 
+            throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException
+    {
+        this(TLS, null, null, truststore, null, null);
+    }
+
+    /**
+     * Constructs an HttpClient SSLSocketFactory backed by the given JSSE
+     * SSLSocketFactory.
+     *
+     * @hide
+     */
+    public SSLSocketFactory(javax.net.ssl.SSLSocketFactory socketfactory) {
+        super();
+        this.sslcontext = null;
+        this.socketfactory = socketfactory;
+        this.nameResolver = null;
+    }
+
+    /**
+     * Creates the default SSL socket factory.
+     * This constructor is used exclusively to instantiate the factory for
+     * {@link #getSocketFactory getSocketFactory}.
+     */
+    private SSLSocketFactory() {
+        super();
+        this.sslcontext = null;
+        this.socketfactory = HttpsURLConnection.getDefaultSSLSocketFactory();
+        this.nameResolver = null;
+    }
+
+    private static KeyManager[] createKeyManagers(final KeyStore keystore, final String password)
+        throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
+        if (keystore == null) {
+            throw new IllegalArgumentException("Keystore may not be null");
+        }
+        KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(
+            KeyManagerFactory.getDefaultAlgorithm());
+        kmfactory.init(keystore, password != null ? password.toCharArray(): null);
+        return kmfactory.getKeyManagers(); 
+    }
+
+    private static TrustManager[] createTrustManagers(final KeyStore keystore)
+        throws KeyStoreException, NoSuchAlgorithmException { 
+        if (keystore == null) {
+            throw new IllegalArgumentException("Keystore may not be null");
+        }
+        TrustManagerFactory tmfactory = TrustManagerFactory.getInstance(
+            TrustManagerFactory.getDefaultAlgorithm());
+        tmfactory.init(keystore);
+        return tmfactory.getTrustManagers();
+    }
+
+
+    // non-javadoc, see interface org.apache.http.conn.SocketFactory
+    public Socket createSocket()
+        throws IOException {
+
+        // the cast makes sure that the factory is working as expected
+        return (SSLSocket) this.socketfactory.createSocket();
+    }
+
+
+    // non-javadoc, see interface org.apache.http.conn.SocketFactory
+    public Socket connectSocket(
+        final Socket sock,
+        final String host,
+        final int port,
+        final InetAddress localAddress,
+        int localPort,
+        final HttpParams params
+    ) throws IOException {
+
+        if (host == null) {
+            throw new IllegalArgumentException("Target host may not be null.");
+        }
+        if (params == null) {
+            throw new IllegalArgumentException("Parameters may not be null.");
+        }
+
+        SSLSocket sslsock = (SSLSocket)
+            ((sock != null) ? sock : createSocket());
+
+        if ((localAddress != null) || (localPort > 0)) {
+
+            // we need to bind explicitly
+            if (localPort < 0)
+                localPort = 0; // indicates "any"
+
+            InetSocketAddress isa =
+                new InetSocketAddress(localAddress, localPort);
+            sslsock.bind(isa);
+        }
+
+        int connTimeout = HttpConnectionParams.getConnectionTimeout(params);
+        int soTimeout = HttpConnectionParams.getSoTimeout(params);
+
+        InetSocketAddress remoteAddress;
+        if (this.nameResolver != null) {
+            remoteAddress = new InetSocketAddress(this.nameResolver.resolve(host), port); 
+        } else {
+            remoteAddress = new InetSocketAddress(host, port);            
+        }
+        
+        sslsock.connect(remoteAddress, connTimeout);
+
+        sslsock.setSoTimeout(soTimeout);
+        try {
+            hostnameVerifier.verify(host, sslsock);
+            // verifyHostName() didn't blowup - good!
+        } catch (IOException iox) {
+            // close the socket before re-throwing the exception
+            try { sslsock.close(); } catch (Exception x) { /*ignore*/ }
+            throw iox;
+        }
+
+        return sslsock;
+    }
+
+
+    /**
+     * Checks whether a socket connection is secure.
+     * This factory creates TLS/SSL socket connections
+     * which, by default, are considered secure.
+     * <br/>
+     * Derived classes may override this method to perform
+     * runtime checks, for example based on the cypher suite.
+     *
+     * @param sock      the connected socket
+     *
+     * @return  <code>true</code>
+     *
+     * @throws IllegalArgumentException if the argument is invalid
+     */
+    public boolean isSecure(Socket sock)
+        throws IllegalArgumentException {
+
+        if (sock == null) {
+            throw new IllegalArgumentException("Socket may not be null.");
+        }
+        // This instanceof check is in line with createSocket() above.
+        if (!(sock instanceof SSLSocket)) {
+            throw new IllegalArgumentException
+                ("Socket not created by this factory.");
+        }
+        // This check is performed last since it calls the argument object.
+        if (sock.isClosed()) {
+            throw new IllegalArgumentException("Socket is closed.");
+        }
+
+        return true;
+
+    } // isSecure
+
+
+    // non-javadoc, see interface LayeredSocketFactory
+    public Socket createSocket(
+        final Socket socket,
+        final String host,
+        final int port,
+        final boolean autoClose
+    ) throws IOException, UnknownHostException {
+        SSLSocket sslSocket = (SSLSocket) this.socketfactory.createSocket(
+              socket,
+              host,
+              port,
+              autoClose
+        );
+        hostnameVerifier.verify(host, sslSocket);
+        // verifyHostName() didn't blowup - good!
+        return sslSocket;
+    }
+
+    public void setHostnameVerifier(X509HostnameVerifier hostnameVerifier) {
+        if ( hostnameVerifier == null ) {
+            throw new IllegalArgumentException("Hostname verifier may not be null");
+        }
+        this.hostnameVerifier = hostnameVerifier;
+    }
+
+    public X509HostnameVerifier getHostnameVerifier() {
+        return hostnameVerifier;
+    }
+
+}
diff --git a/core/java/org/apache/http/conn/ssl/StrictHostnameVerifier.java b/core/java/org/apache/http/conn/ssl/StrictHostnameVerifier.java
new file mode 100644
index 000000000000..bd9e70d17714
--- /dev/null
+++ b/core/java/org/apache/http/conn/ssl/StrictHostnameVerifier.java
@@ -0,0 +1,74 @@
+/*
+ * $HeadURL: http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/module-client/src/main/java/org/apache/http/conn/ssl/StrictHostnameVerifier.java $
+ * $Revision: 617642 $
+ * $Date: 2008-02-01 12:54:07 -0800 (Fri, 01 Feb 2008) $
+ *
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation.  For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.apache.http.conn.ssl;
+
+import javax.net.ssl.SSLException;
+
+/**
+ * The Strict HostnameVerifier works the same way as Sun Java 1.4, Sun
+ * Java 5, Sun Java 6-rc.  It's also pretty close to IE6.  This
+ * implementation appears to be compliant with RFC 2818 for dealing with
+ * wildcards.
+ * <p/>
+ * The hostname must match either the first CN, or any of the subject-alts.
+ * A wildcard can occur in the CN, and in any of the subject-alts.  The
+ * one divergence from IE6 is how we only check the first CN.  IE6 allows
+ * a match against any of the CNs present.  We decided to follow in
+ * Sun Java 1.4's footsteps and only check the first CN.  (If you need
+ * to check all the CN's, feel free to write your own implementation!).
+ * <p/>
+ * A wildcard such as "*.foo.com" matches only subdomains in the same
+ * level, for example "a.foo.com".  It does not match deeper subdomains
+ * such as "a.b.foo.com".
+ * 
+ * @author Julius Davies
+ *
+ * @deprecated Please use {@link java.net.URL#openConnection} instead.
+ *     Please visit <a href="http://android-developers.blogspot.com/2011/09/androids-http-clients.html">this webpage</a>
+ *     for further details.
+ */
+@Deprecated
+public class StrictHostnameVerifier extends AbstractVerifier {
+
+    public final void verify(
+            final String host, 
+            final String[] cns,
+            final String[] subjectAlts) throws SSLException {
+        verify(host, cns, subjectAlts, true);
+    }
+
+    @Override
+    public final String toString() { 
+        return "STRICT"; 
+    }
+    
+}
diff --git a/core/java/org/apache/http/conn/ssl/X509HostnameVerifier.java b/core/java/org/apache/http/conn/ssl/X509HostnameVerifier.java
new file mode 100644
index 000000000000..e38db5f3a15e
--- /dev/null
+++ b/core/java/org/apache/http/conn/ssl/X509HostnameVerifier.java
@@ -0,0 +1,91 @@
+/*
+ * $HeadURL: http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/module-client/src/main/java/org/apache/http/conn/ssl/X509HostnameVerifier.java $
+ * $Revision: 618365 $
+ * $Date: 2008-02-04 10:20:08 -0800 (Mon, 04 Feb 2008) $
+ *
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation.  For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.apache.http.conn.ssl;
+
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.SSLSocket;
+import java.io.IOException;
+import java.security.cert.X509Certificate;
+
+/**
+ * Interface for checking if a hostname matches the names stored inside the
+ * server's X.509 certificate.  Implements javax.net.ssl.HostnameVerifier, but
+ * we don't actually use that interface.  Instead we added some methods that
+ * take String parameters (instead of javax.net.ssl.HostnameVerifier's
+ * SSLSession).  JUnit is a lot easier this way!  :-)
+ * <p/>
+ * We provide the HostnameVerifier.DEFAULT, HostnameVerifier.STRICT, and
+ * HostnameVerifier.ALLOW_ALL implementations.  But feel free to define
+ * your own implementation!
+ * <p/>
+ * Inspired by Sebastian Hauer's original StrictSSLProtocolSocketFactory in the
+ * HttpClient "contrib" repository.
+ *
+ * @author Julius Davies
+ * @author <a href="mailto:hauer@psicode.com">Sebastian Hauer</a>
+ *
+ * @since 4.0 (8-Dec-2006)
+ *
+ * @deprecated Please use {@link java.net.URL#openConnection} instead.
+ *     Please visit <a href="http://android-developers.blogspot.com/2011/09/androids-http-clients.html">this webpage</a>
+ *     for further details.
+ */
+@Deprecated
+public interface X509HostnameVerifier extends HostnameVerifier {
+
+    boolean verify(String host, SSLSession session);
+
+    void verify(String host, SSLSocket ssl) throws IOException;
+
+    void verify(String host, X509Certificate cert) throws SSLException;
+
+    /**
+     * Checks to see if the supplied hostname matches any of the supplied CNs
+     * or "DNS" Subject-Alts.  Most implementations only look at the first CN,
+     * and ignore any additional CNs.  Most implementations do look at all of
+     * the "DNS" Subject-Alts. The CNs or Subject-Alts may contain wildcards
+     * according to RFC 2818.
+     *
+     * @param cns         CN fields, in order, as extracted from the X.509
+     *                    certificate.
+     * @param subjectAlts Subject-Alt fields of type 2 ("DNS"), as extracted
+     *                    from the X.509 certificate.
+     * @param host        The hostname to verify.
+     * @throws SSLException If verification failed.
+     */
+    void verify(String host, String[] cns, String[] subjectAlts)
+          throws SSLException;
+
+
+}
diff --git a/core/java/org/apache/http/conn/ssl/package.html b/core/java/org/apache/http/conn/ssl/package.html
new file mode 100644
index 000000000000..a5c737fafeda
--- /dev/null
+++ b/core/java/org/apache/http/conn/ssl/package.html
@@ -0,0 +1,40 @@
+<html>
+<head>
+<!--
+/*
+ * $HeadURL: http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/module-client/src/main/java/org/apache/http/conn/ssl/package.html $
+ * $Revision: 555193 $
+ * $Date: 2007-07-11 00:36:47 -0700 (Wed, 11 Jul 2007) $
+ *
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation.  For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+-->
+</head>
+<body>
+TLS/SSL specific parts of the <i>HttpConn</i> API.
+
+</body>
+</html>
diff --git a/core/java/org/apache/http/params/CoreConnectionPNames.java b/core/java/org/apache/http/params/CoreConnectionPNames.java
new file mode 100644
index 000000000000..9479db17007e
--- /dev/null
+++ b/core/java/org/apache/http/params/CoreConnectionPNames.java
@@ -0,0 +1,136 @@
+/*
+ * $HeadURL: http://svn.apache.org/repos/asf/httpcomponents/httpcore/trunk/module-main/src/main/java/org/apache/http/params/CoreConnectionPNames.java $
+ * $Revision: 576077 $
+ * $Date: 2007-09-16 04:50:22 -0700 (Sun, 16 Sep 2007) $
+ *
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation.  For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.apache.http.params;
+
+
+/**
+ * Defines parameter names for connections in HttpCore.
+ * 
+ * @version $Revision: 576077 $
+ * 
+ * @since 4.0
+ *
+ * @deprecated Please use {@link java.net.URL#openConnection} instead.
+ *     Please visit <a href="http://android-developers.blogspot.com/2011/09/androids-http-clients.html">this webpage</a>
+ *     for further details.
+ */
+@Deprecated
+public interface CoreConnectionPNames {
+
+    /**
+     * Defines the default socket timeout (<tt>SO_TIMEOUT</tt>) in milliseconds which is the 
+     * timeout for waiting for data. A timeout value of zero is interpreted as an infinite 
+     * timeout. This value is used when no socket timeout is set in the 
+     * method parameters. 
+     * <p>
+     * This parameter expects a value of type {@link Integer}.
+     * </p>
+     * @see java.net.SocketOptions#SO_TIMEOUT
+     */
+    public static final String SO_TIMEOUT = "http.socket.timeout"; 
+
+    /**
+     * Determines whether Nagle's algorithm is to be used. The Nagle's algorithm 
+     * tries to conserve bandwidth by minimizing the number of segments that are 
+     * sent. When applications wish to decrease network latency and increase 
+     * performance, they can disable Nagle's algorithm (that is enable TCP_NODELAY). 
+     * Data will be sent earlier, at the cost of an increase in bandwidth consumption. 
+     * <p>
+     * This parameter expects a value of type {@link Boolean}.
+     * </p>
+     * @see java.net.SocketOptions#TCP_NODELAY
+     */
+    public static final String TCP_NODELAY = "http.tcp.nodelay"; 
+
+    /**
+     * Determines the size of the internal socket buffer used to buffer data
+     * while receiving / transmitting HTTP messages.
+     * <p>
+     * This parameter expects a value of type {@link Integer}.
+     * </p>
+     */
+    public static final String SOCKET_BUFFER_SIZE = "http.socket.buffer-size"; 
+
+    /**
+     * Sets SO_LINGER with the specified linger time in seconds. The maximum timeout 
+     * value is platform specific. Value <tt>0</tt> implies that the option is disabled.
+     * Value <tt>-1</tt> implies that the JRE default is used. The setting only affects 
+     * socket close.  
+     * <p>
+     * This parameter expects a value of type {@link Integer}.
+     * </p>
+     * @see java.net.SocketOptions#SO_LINGER
+     */
+    public static final String SO_LINGER = "http.socket.linger"; 
+
+    /**
+     * Determines the timeout until a connection is etablished. A value of zero 
+     * means the timeout is not used. The default value is zero.
+     * <p>
+     * This parameter expects a value of type {@link Integer}.
+     * </p>
+     */
+    public static final String CONNECTION_TIMEOUT = "http.connection.timeout"; 
+
+    /**
+     * Determines whether stale connection check is to be used. Disabling 
+     * stale connection check may result in slight performance improvement 
+     * at the risk of getting an I/O error when executing a request over a
+     * connection that has been closed at the server side. 
+     * <p>
+     * This parameter expects a value of type {@link Boolean}.
+     * </p>
+     */
+    public static final String STALE_CONNECTION_CHECK = "http.connection.stalecheck"; 
+
+    /**
+     * Determines the maximum line length limit. If set to a positive value, any HTTP 
+     * line exceeding this limit will cause an IOException. A negative or zero value
+     * will effectively disable the check.
+     * <p>
+     * This parameter expects a value of type {@link Integer}.
+     * </p>
+     */
+    public static final String MAX_LINE_LENGTH = "http.connection.max-line-length";
+    
+    /**
+     * Determines the maximum HTTP header count allowed. If set to a positive value, 
+     * the number of HTTP headers received from the data stream exceeding this limit 
+     * will cause an IOException. A negative or zero value will effectively disable 
+     * the check. 
+     * <p>
+     * This parameter expects a value of type {@link Integer}.
+     * </p>
+     */
+    public static final String MAX_HEADER_COUNT = "http.connection.max-header-count";
+
+}
diff --git a/core/java/org/apache/http/params/HttpConnectionParams.java b/core/java/org/apache/http/params/HttpConnectionParams.java
new file mode 100644
index 000000000000..a7b31fca8fca
--- /dev/null
+++ b/core/java/org/apache/http/params/HttpConnectionParams.java
@@ -0,0 +1,229 @@
+/*
+ * $HeadURL: http://svn.apache.org/repos/asf/httpcomponents/httpcore/trunk/module-main/src/main/java/org/apache/http/params/HttpConnectionParams.java $
+ * $Revision: 576089 $
+ * $Date: 2007-09-16 05:39:56 -0700 (Sun, 16 Sep 2007) $
+ *
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation.  For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.apache.http.params;
+
+/**
+ * An adaptor for accessing connection parameters in {@link HttpParams}.
+ * <br/>
+ * Note that the <i>implements</i> relation to {@link CoreConnectionPNames}
+ * is for compatibility with existing application code only. References to
+ * the parameter names should use the interface, not this class.
+ * 
+ * @author <a href="mailto:oleg at ural.ru">Oleg Kalnichevski</a>
+ * 
+ * @version $Revision: 576089 $
+ * 
+ * @since 4.0
+ *
+ * @deprecated Please use {@link java.net.URL#openConnection} instead.
+ *     Please visit <a href="http://android-developers.blogspot.com/2011/09/androids-http-clients.html">this webpage</a>
+ *     for further details.
+ */
+@Deprecated
+public final class HttpConnectionParams implements CoreConnectionPNames {
+
+    /**
+     */
+    private HttpConnectionParams() {
+        super();
+    }
+
+    /**
+     * Returns the default socket timeout (<tt>SO_TIMEOUT</tt>) in milliseconds which is the 
+     * timeout for waiting for data. A timeout value of zero is interpreted as an infinite 
+     * timeout. This value is used when no socket timeout is set in the 
+     * method parameters. 
+     *
+     * @return timeout in milliseconds
+     */
+    public static int getSoTimeout(final HttpParams params) {
+        if (params == null) {
+            throw new IllegalArgumentException("HTTP parameters may not be null");
+        }
+        return params.getIntParameter(CoreConnectionPNames.SO_TIMEOUT, 0);
+    }
+
+    /**
+     * Sets the default socket timeout (<tt>SO_TIMEOUT</tt>) in milliseconds which is the 
+     * timeout for waiting for data. A timeout value of zero is interpreted as an infinite 
+     * timeout. This value is used when no socket timeout is set in the 
+     * method parameters. 
+     *
+     * @param timeout Timeout in milliseconds
+     */
+    public static void setSoTimeout(final HttpParams params, int timeout) {
+        if (params == null) {
+            throw new IllegalArgumentException("HTTP parameters may not be null");
+        }
+        params.setIntParameter(CoreConnectionPNames.SO_TIMEOUT, timeout);
+        
+    }
+
+    /**
+     * Tests if Nagle's algorithm is to be used.  
+     *
+     * @return <tt>true</tt> if the Nagle's algorithm is to NOT be used
+     *   (that is enable TCP_NODELAY), <tt>false</tt> otherwise.
+     */
+    public static boolean getTcpNoDelay(final HttpParams params) {
+        if (params == null) {
+            throw new IllegalArgumentException("HTTP parameters may not be null");
+        }
+        return params.getBooleanParameter
+            (CoreConnectionPNames.TCP_NODELAY, true);
+    }
+
+    /**
+     * Determines whether Nagle's algorithm is to be used. The Nagle's algorithm 
+     * tries to conserve bandwidth by minimizing the number of segments that are 
+     * sent. When applications wish to decrease network latency and increase 
+     * performance, they can disable Nagle's algorithm (that is enable TCP_NODELAY). 
+     * Data will be sent earlier, at the cost of an increase in bandwidth consumption. 
+     *
+     * @param value <tt>true</tt> if the Nagle's algorithm is to NOT be used
+     *   (that is enable TCP_NODELAY), <tt>false</tt> otherwise.
+     */
+    public static void setTcpNoDelay(final HttpParams params, boolean value) {
+        if (params == null) {
+            throw new IllegalArgumentException("HTTP parameters may not be null");
+        }
+        params.setBooleanParameter(CoreConnectionPNames.TCP_NODELAY, value);
+    }
+
+    public static int getSocketBufferSize(final HttpParams params) {
+        if (params == null) {
+            throw new IllegalArgumentException("HTTP parameters may not be null");
+        }
+        return params.getIntParameter
+            (CoreConnectionPNames.SOCKET_BUFFER_SIZE, -1);
+    }
+    
+    public static void setSocketBufferSize(final HttpParams params, int size) {
+        if (params == null) {
+            throw new IllegalArgumentException("HTTP parameters may not be null");
+        }
+        params.setIntParameter(CoreConnectionPNames.SOCKET_BUFFER_SIZE, size);
+    }
+
+    /**
+     * Returns linger-on-close timeout. Value <tt>0</tt> implies that the option is 
+     * disabled. Value <tt>-1</tt> implies that the JRE default is used.
+     * 
+     * @return the linger-on-close timeout
+     */
+    public static int getLinger(final HttpParams params) {
+        if (params == null) {
+            throw new IllegalArgumentException("HTTP parameters may not be null");
+        }
+        return params.getIntParameter(CoreConnectionPNames.SO_LINGER, -1);
+    }
+
+    /**
+     * Returns linger-on-close timeout. This option disables/enables immediate return 
+     * from a close() of a TCP Socket. Enabling this option with a non-zero Integer 
+     * timeout means that a close() will block pending the transmission and 
+     * acknowledgement of all data written to the peer, at which point the socket is 
+     * closed gracefully. Value <tt>0</tt> implies that the option is 
+     * disabled. Value <tt>-1</tt> implies that the JRE default is used.
+     *
+     * @param value the linger-on-close timeout
+     */
+    public static void setLinger(final HttpParams params, int value) {
+        if (params == null) {
+            throw new IllegalArgumentException("HTTP parameters may not be null");
+        }
+        params.setIntParameter(CoreConnectionPNames.SO_LINGER, value);
+    }
+
+    /**
+     * Returns the timeout until a connection is etablished. A value of zero 
+     * means the timeout is not used. The default value is zero.
+     * 
+     * @return timeout in milliseconds.
+     */
+    public static int getConnectionTimeout(final HttpParams params) {
+        if (params == null) {
+            throw new IllegalArgumentException("HTTP parameters may not be null");
+        }
+        return params.getIntParameter
+            (CoreConnectionPNames.CONNECTION_TIMEOUT, 0);
+    }
+
+    /**
+     * Sets the timeout until a connection is etablished. A value of zero 
+     * means the timeout is not used. The default value is zero.
+     * 
+     * @param timeout Timeout in milliseconds.
+     */
+    public static void setConnectionTimeout(final HttpParams params, int timeout) {
+        if (params == null) {
+            throw new IllegalArgumentException("HTTP parameters may not be null");
+        }
+        params.setIntParameter
+            (CoreConnectionPNames.CONNECTION_TIMEOUT, timeout);
+    }
+    
+    /**
+     * Tests whether stale connection check is to be used. Disabling 
+     * stale connection check may result in slight performance improvement 
+     * at the risk of getting an I/O error when executing a request over a
+     * connection that has been closed at the server side. 
+     * 
+     * @return <tt>true</tt> if stale connection check is to be used, 
+     *   <tt>false</tt> otherwise.
+     */
+    public static boolean isStaleCheckingEnabled(final HttpParams params) {
+        if (params == null) {
+            throw new IllegalArgumentException("HTTP parameters may not be null");
+        }
+        return params.getBooleanParameter
+            (CoreConnectionPNames.STALE_CONNECTION_CHECK, true);
+    }
+
+    /**
+     * Defines whether stale connection check is to be used. Disabling 
+     * stale connection check may result in slight performance improvement 
+     * at the risk of getting an I/O error when executing a request over a
+     * connection that has been closed at the server side. 
+     * 
+     * @param value <tt>true</tt> if stale connection check is to be used, 
+     *   <tt>false</tt> otherwise.
+     */
+    public static void setStaleCheckingEnabled(final HttpParams params, boolean value) {
+        if (params == null) {
+            throw new IllegalArgumentException("HTTP parameters may not be null");
+        }
+        params.setBooleanParameter
+            (CoreConnectionPNames.STALE_CONNECTION_CHECK, value);
+    }
+    
+}
diff --git a/core/java/org/apache/http/params/HttpParams.java b/core/java/org/apache/http/params/HttpParams.java
new file mode 100644
index 000000000000..9562e54e34cd
--- /dev/null
+++ b/core/java/org/apache/http/params/HttpParams.java
@@ -0,0 +1,192 @@
+/*
+ * $HeadURL: http://svn.apache.org/repos/asf/httpcomponents/httpcore/trunk/module-main/src/main/java/org/apache/http/params/HttpParams.java $
+ * $Revision: 610763 $
+ * $Date: 2008-01-10 04:01:13 -0800 (Thu, 10 Jan 2008) $
+ *
+ * ====================================================================
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation.  For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.apache.http.params;
+
+/**
+ * Represents a collection of HTTP protocol and framework parameters.
+ *   
+ * @author <a href="mailto:oleg at ural.ru">Oleg Kalnichevski</a>
+ * 
+ * @version $Revision: 610763 $
+ *
+ * @since 4.0
+ *
+ * @deprecated Please use {@link java.net.URL#openConnection} instead.
+ *     Please visit <a href="http://android-developers.blogspot.com/2011/09/androids-http-clients.html">this webpage</a>
+ *     for further details.
+ */
+@Deprecated
+public interface HttpParams {
+
+    /** 
+     * Obtains the value of the given parameter.
+     * 
+     * @param name the parent name.
+     * 
+     * @return  an object that represents the value of the parameter,
+     *          <code>null</code> if the parameter is not set or if it
+     *          is explicitly set to <code>null</code>
+     * 
+     * @see #setParameter(String, Object)
+     */
+    Object getParameter(String name);
+
+    /**
+     * Assigns the value to the parameter with the given name.
+     *
+     * @param name parameter name
+     * @param value parameter value
+     */
+    HttpParams setParameter(String name, Object value);
+
+    /**
+     * Creates a copy of these parameters.
+     *
+     * @return  a new set of parameters holding the same values as this one
+     */
+    HttpParams copy();
+    
+    /**
+     * Removes the parameter with the specified name.
+     * 
+     * @param name parameter name
+     * 
+     * @return true if the parameter existed and has been removed, false else.
+     */
+    boolean removeParameter(String name);
+
+    /** 
+     * Returns a {@link Long} parameter value with the given name. 
+     * If the parameter is not explicitly set, the default value is returned.  
+     * 
+     * @param name the parent name.
+     * @param defaultValue the default value.
+     * 
+     * @return a {@link Long} that represents the value of the parameter.
+     * 
+     * @see #setLongParameter(String, long)
+     */
+    long getLongParameter(String name, long defaultValue);
+
+    /**
+     * Assigns a {@link Long} to the parameter with the given name
+     * 
+     * @param name parameter name
+     * @param value parameter value
+     */ 
+    HttpParams setLongParameter(String name, long value);
+
+    /** 
+     * Returns an {@link Integer} parameter value with the given name. 
+     * If the parameter is not explicitly set, the default value is returned.  
+     * 
+     * @param name the parent name.
+     * @param defaultValue the default value.
+     * 
+     * @return a {@link Integer} that represents the value of the parameter.
+     * 
+     * @see #setIntParameter(String, int)
+     */
+    int getIntParameter(String name, int defaultValue);
+
+    /**
+     * Assigns an {@link Integer} to the parameter with the given name
+     * 
+     * @param name parameter name
+     * @param value parameter value
+     */ 
+    HttpParams setIntParameter(String name, int value);
+
+    /** 
+     * Returns a {@link Double} parameter value with the given name. 
+     * If the parameter is not explicitly set, the default value is returned.  
+     *
+     * @param name the parent name.
+     * @param defaultValue the default value.
+     * 
+     * @return a {@link Double} that represents the value of the parameter.
+     * 
+     * @see #setDoubleParameter(String, double)
+     */
+    double getDoubleParameter(String name, double defaultValue);
+
+    /**
+     * Assigns a {@link Double} to the parameter with the given name
+     * 
+     * @param name parameter name
+     * @param value parameter value
+     */ 
+    HttpParams setDoubleParameter(String name, double value);
+
+    /** 
+     * Returns a {@link Boolean} parameter value with the given name. 
+     * If the parameter is not explicitly set, the default value is returned.  
+     * 
+     * @param name the parent name.
+     * @param defaultValue the default value.
+     * 
+     * @return a {@link Boolean} that represents the value of the parameter.
+     * 
+     * @see #setBooleanParameter(String, boolean)
+     */
+    boolean getBooleanParameter(String name, boolean defaultValue);
+
+    /**
+     * Assigns a {@link Boolean} to the parameter with the given name
+     * 
+     * @param name parameter name
+     * @param value parameter value
+     */ 
+    HttpParams setBooleanParameter(String name, boolean value);
+
+    /**
+     * Checks if a boolean parameter is set to <code>true</code>.
+     * 
+     * @param name parameter name
+     * 
+     * @return <tt>true</tt> if the parameter is set to value <tt>true</tt>,
+     *         <tt>false</tt> if it is not set or set to <code>false</code>
+     */
+    boolean isParameterTrue(String name);
+
+    /**
+     * Checks if a boolean parameter is not set or <code>false</code>.
+     * 
+     * @param name parameter name
+     * 
+     * @return <tt>true</tt> if the parameter is either not set or
+     *         set to value <tt>false</tt>,
+     *         <tt>false</tt> if it is set to <code>true</code>
+     */
+    boolean isParameterFalse(String name);
+
+}